Data Security and Privacy Plan As more fully described herein, throughout the term of the Master Agreement, Vendor will have a Data Security and Privacy Plan in place to protect the confidentiality, privacy and security of the Protected Data it receives from the District. Vendor’s Plan for protecting the District’s Protected Data includes, but is not limited to, its agreement to comply with the terms of the District’s Bill of Rights for Data Security and Privacy, a copy of which is set forth below and has been signed by the Vendor. Additional components of Vendor’s Data Security and Privacy Plan for protection of the District’s Protected Data throughout the term of the Master Agreement are as follows:
Contractor Information The Contractor will provide up to date information for each of the following in the form and manner specified by OGS:
Data Security and Privacy 12.1 SERVICE PROVIDER acknowledges the importance of Data Security and agrees to adhere to the Terms and Conditions of the Data Security Policy of IIMC.
Insurance and Fingerprint Requirements Information Insurance If applicable and your staff will be on TIPS member premises for delivery, training or installation etc. and/or with an automobile, you must carry automobile insurance as required by law. You may be asked to provide proof of insurance. Fingerprint It is possible that a vendor may be subject to Chapter 22 of the Texas Education Code. The Texas Education Code, Chapter 22, Section 22.0834. Statutory language may be found at: xxxx://xxx.xxxxxxxx.xxxxx.xxxxx.xx.xx/ If the vendor has staff that meet both of these criterion: (1) will have continuing duties related to the contracted services; and (2) has or will have direct contact with students Then you have ”covered” employees for purposes of completing the attached form. TIPS recommends all vendors consult their legal counsel for guidance in compliance with this law. If you have questions on how to comply, see below. If you have questions on compliance with this code section, contact the Texas Department of Public Safety Non-Criminal Justice Unit, Access and Dissemination Bureau, FAST-FACT at XXXX@xxxxx.xxxxx.xx.xx and you should send an email identifying you as a contractor to a Texas Independent School District or ESC Region 8 and TIPS. Texas DPS phone number is (000) 000-0000. See form in the next attribute to complete entitled: Texas Education Code Chapter 22 Contractor Certification for Contractor Employees
Certification Regarding Lobbying Applicable to Grants Subgrants, Cooperative Agreements, and Contracts Exceeding $100,000 in Federal Funds Submission of this certification is a prerequisite for making or entering into this transaction and is imposed by section 1352, Title 31, U.S. Code. This certification is a material representation of fact upon which reliance was placed when this transaction was made or entered into. Any person who fails to file the required certification shall be subject to a civil penalty of not less than $10,000 and not more than $100,000 for each such failure. The undersigned certifies, to the best of his or her knowledge and belief, that: (1) No Federal appropriated funds have been paid or will be paid by or on behalf of the undersigned, to any person for influencing or attempting to influence an officer or employee of any agency, a Member of Congress, an officer or employee of congress, or an employee of a Member of Congress in connection with the awarding of a Federal contract, the making of a Federal grant, the making of a Federal loan, the entering into a cooperative agreement, and the extension, continuation, renewal, amendment, or modification of a Federal contract, grant, loan, or cooperative agreement. (2) If any funds other than Federal appropriated funds have been paid or will be paid to any person for influencing or attempting to influence an officer or employee of any agency, a Member of Congress, an officer or employee of congress, or an employee of a Member of Congress in connection with this Federal grant or cooperative agreement, the undersigned shall complete and submit Standard Form-LLL, “disclosure Form to Report Lobbying,” in accordance with its instructions. (3) The undersigned shall require that the language of this certification be included in the award documents for all covered subawards exceeding $100,000 in Federal funds at all appropriate tiers and that all subrecipients shall certify and disclose accordingly. I HAVE NOT Lobbied per above If you answered "I HAVE lobbied" to the above Attribute Question If you answered "I HAVE lobbied" to the above Attribute question, you must download the Lobbying Report "Standard From LLL, disclosure Form to Report Lobbying" which includes instruction on completing the form, complete and submit it in the Response Attachments section as a report of the lobbying activities you performed or paid others to perform. Subcontracting with Small and Minority Businesses, Women's Business Enterprises, and Labor Surplus Area Firms. Do you ever anticipate the possibility of subcontracting any of your work under this award if you are successful? IF NO, DO NOT ANSWER THE NEXT ATTRIBUTE QUESTION. . IF YES, and ONLY IF YES, you must answer the next question YES if you want a TIPS Member to be authorized to spend Federal Grant Funds for Procurement. NO
Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
Security and Data Privacy Each party will comply with applicable data privacy laws governing the protection of personal data in relation to their respective obligations under this Agreement. Where Siemens acts as Customer’s processor of personal data provided by Customer, the Data Privacy Terms available at xxxxx://xxx.xxxxxxx.xxx/dpt/sw, including the technical and organizational measures described therein, apply to the use of the relevant Learning Services and are incorporated herein by reference.
Information Technology Enterprise Architecture Requirements If this Contract involves information technology-related products or services, the Contractor agrees that all such products or services are compatible with any of the technology standards found at xxxxx://xxx.xx.xxx/iot/2394.htm that are applicable, including the assistive technology standard. The State may terminate this Contract for default if the terms of this paragraph are breached.
Confidentiality and Safeguarding of University Records; Press Releases; Public Information Under this Agreement, Contractor may (1) create, (2) receive from or on behalf of University, or (3) have access to, records or record systems (collectively, University Records). Among other things, University Records may contain social security numbers, credit card numbers, or data protected or made confidential or sensitive by Applicable Laws. [Option (Include if University Records are subject to FERPA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Family Educational Rights and Privacy Act, 20 United States Code (USC) §1232g (FERPA) are addressed in Section 12.41.] [Option (Include if University is a HIPAA Covered Entity and University Records are subject to HIPAA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Health Insurance Portability and Accountability Act and 45 Code of Federal Regulations (CFR) Part 160 and subparts A and E of Part 164 (collectively, HIPAA) are addressed in Section 12.26.] Contractor represents, warrants, and agrees that it will: (1) hold University Records in strict confidence and will not use or disclose University Records except as (a) permitted or required by this Agreement, (b) required by Applicable Laws, or (c) otherwise authorized by University in writing; (2) safeguard University Records according to reasonable administrative, physical and technical standards (such as standards established by the National Institute of Standards and Technology and the Center for Internet Security [Option (Include if Section 12.39 related to Payment Card Industry Data Security Standards is not include in this Agreement.):, as well as the Payment Card Industry Data Security Standards]) that are no less rigorous than the standards by which Contractor protects its own confidential information; (3) continually monitor its operations and take any action necessary to assure that University Records are safeguarded and the confidentiality of University Records is maintained in accordance with all Applicable Laws and the terms of this Agreement; and (4) comply with University Rules regarding access to and use of University’s computer systems, including UTS165 at xxxx://xxx.xxxxxxxx.xxx/board-of-regents/policy-library/policies/uts165-information-resources-use-and-security-policy. At the request of University, Contractor agrees to provide University with a written summary of the procedures Contractor uses to safeguard and maintain the confidentiality of University Records.
System Security and Data Safeguards When SAP is given access to Licensee’s systems and data, SAP shall comply with Licensee’s reasonable administrative, technical, and physical safeguards to protect such data and guard against unauthorized access. In connection with such access, Licensee shall be responsible for providing Consultants with user authorizations and passwords to access its systems and revoking such authorizations and terminating such access, as Licensee deems appropriate from time to time. Licensee shall not grant SAP access to Licensee systems or personal information (of Licensee or any third party) unless such access is essential for the performance of Services under the Agreement. The parties agree that no breach of this provision shall be deemed to have occurred in the event of SAP non-conformance with the aforementioned safeguard but where no personal information has been compromised.
